Last updated:
This Privacy Policy explains how Eatoky collects, uses, shares, and protects information when you visit our website, interact with our emails, or use our forms and tools. By using the site, you agree to this Policy.
1) Who we are
Eatoky is a recipe blog focused on beginner-friendly, make-ahead breakfasts—especially overnight oats. Our goal is to make healthy eating simple and joyful while respecting your privacy.
- Data Controller: Eatoky
- Email: [email protected]
- Mailing Address: [Add mailing address]
- EU/UK Representative & DPO (if applicable): [Add details or “Not applicable”]
2) Information we collect
2.1 Information you provide
- Contact forms & email: name, email address, message content.
- Newsletter: email address and optional preferences.
- Comments: display name, email, comment text, and (if enabled) IP for spam prevention.
- Giveaways/surveys: details you submit (e.g., shipping name for prizes).
2.2 Information collected automatically
- Usage data: IP address, device type, browser, operating system, pages viewed, referring URLs, timestamps.
- Cookies & similar tech: to remember preferences, analyze performance, measure campaigns, prevent spam/fraud, and personalize content.
- Approximate location: inferred from IP to understand readership by region (not precise GPS).
2.3 Information from third parties
- Analytics/Email tools (e.g., Google Analytics, Tag Manager; email service providers).
- Ad/affiliate platforms (e.g., Amazon Associates or other networks if used).
- Social & embedded media (e.g., YouTube, Pinterest) may set their own cookies when content is embedded.
3) How and why we use your information (lawful bases)
Purpose, examples, and lawful basis are explained in the table below:
| Purpose | Examples | Lawful Basis (GDPR/UK GDPR) |
|---|---|---|
| Site operation & security | Load pages, prevent spam/bots (e.g., reCAPTCHA), record errors | Legitimate interests |
| Analytics & performance | Understand traffic and popular content to improve the site | Consent (where required) / Legitimate interests |
| Communications | Respond to messages; send newsletters you requested | Contract / Consent |
| Personalization | Remember preferences (e.g., cookie choices) | Consent / Legitimate interests |
| Legal compliance | Record-keeping, requests from authorities | Legal obligation |
4) Cookies & tracking technologies
We use cookies, pixels, and similar technologies to remember settings, measure site performance, understand which posts are most useful, and manage advertising/affiliates.
5) How we share information
We share information with service providers under appropriate contracts. We do not sell personal information. We may disclose information if required by law or to protect our rights, users, or the public.
6) Data retention
We keep personal data only as long as necessary. Typical periods: Analytics: 14–26 months, Contact messages: up to 24 months, Newsletter data: until you unsubscribe, Comments: retained unless removal requested.
7) International transfers
Your information may be processed outside the US. We use safeguards (e.g., Standard Contractual Clauses) when required.
8) Your privacy rights
You may access, correct, delete, restrict, or port your data, withdraw consent for non-essential processing, and lodge complaints with authorities. Contact [email protected] with “Privacy Request” in the subject.
9) Children’s privacy
Our content is not directed to children under 13. We do not knowingly collect children’s personal data. Contact us to delete if necessary.
10) Security
We use reasonable technical measures (e.g., TLS encryption, limited access) to protect information, but no method is completely secure.
11) Third-party links & embedded content
Third-party links or embedded media have their own privacy policies. Review them before interacting.
12) Changes to this Policy
We may update this Privacy Policy from time to time. The “Effective date” will change accordingly.
13) Contact us
If you have questions about this Policy or your data, contact: [email protected].